Charges the government to identify the scope of critical infrastructure organizations

A key piece of the executive order is requires federal agencies overseeing critical infrastructure areas to identify organizations “where a cybersecurity incident could reasonably result in catastrophic regional or national effects on public health or safety, economic security, or national security.”

The order doesn’t compel designated companies to comply with new standards, but it’s expected that a lot of pressure will be applied to those who don’t.

Lockheed Martin describes its response to an attempted attack after the RSA breach.